YunoHost-Apps/kanboard_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/kanboard_ynh.git synced 2024-09-03 19:36:17 +02:00
Code Issues Activity Actions
kanboard_ynh/scripts/install
Rasmus MK 3597603588
Set cronjob permissions to rw-r--r-- (#104) 
Cron refuses to execute the job if the file has write permissions
for group or other.

Co-authored-by: Rasmus Mattsson Kallio <rasmus@mallio.se>
2020-12-28 08:15:16 +01:00

189 lines
7.3 KiB
Bash
Raw Blame History

#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_abort_if_errors
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
domain=$YNH_APP_ARG_DOMAIN
path_url=$YNH_APP_ARG_PATH
admin=$YNH_APP_ARG_ADMIN
is_public=$YNH_APP_ARG_IS_PUBLIC
app=$YNH_APP_INSTANCE_NAME
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
ynh_script_progression --message="Validating installation parameters..."
# Check destination directory
final_path=/var/www/$app
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
# Register (book) web path
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_script_progression --message="Storing installation settings..."
ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=adminusername --value=$admin
ynh_app_setting_set --app=$app --key=is_public --value=$is_public
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# CREATE A MYSQL DATABASE
#================================================
ynh_script_progression --message="Creating a MySQL database..." --weight=2
db_name=$(ynh_sanitize_dbid --db_name=$app)
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
ynh_mysql_setup_db --db_user=$db_name --db_name=$db_name
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Setting up source files..." --weight=2
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path"
mkdir -p $final_path/sessions/
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring NGINX web server..." --weight=2
# Create a dedicated nginx config
ynh_add_nginx_config
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..." --weight=2
# Create a system user
ynh_system_user_create --username=$app
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring PHP-FPM..." --weight=16
# Create a dedicated PHP-FPM config
ynh_add_fpm_config --package="$extra_php_dependencies"
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
#=================================================
# SPECIFIC SETUP
#=================================================
# CREATE CONFIG.PHP
#=================================================
ynh_script_progression --message="Configuring Kanboard..."
# Retrieve admin email
email=$(ynh_user_get_info --username=$admin --key=mail)
# Copy and edit config.php
config_php="${final_path}/config.php"
cp ../conf/config.php "$config_php"
ynh_replace_string --match_string="__DB_PWD__" --replace_string="$db_pwd" --target_file="$config_php"
ynh_replace_string --match_string="__DB_NAME__" --replace_string=$db_name --target_file="$config_php"
ynh_replace_string --match_string="__USER__" --replace_string=$admin --target_file="$config_php"
ynh_replace_string --match_string="__EMAIL__" --replace_string=$email --target_file="$config_php"
ynh_replace_string --match_string="__DOMAIN__" --replace_string=$domain --target_file="$config_php"
#=================================================
# DATABASE INITIALIZATION
#=================================================
ynh_script_progression --message="Initializing database..." --weight=7
ynh_mysql_connect_as --user="$db_name" --password="$db_pwd" --database="$db_name" < "${final_path}/app/Schema/Sql/mysql.sql"
(
cd "$final_path"
# Launch database migration
php$YNH_PHP_VERSION cli db:migrate --no-interaction --verbose
)
#=================================================
# GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#================================================
# Set permissions to app files
chown -R root: $final_path
chown -R $app $final_path/{data,plugins,sessions}
chmod -R 700 $final_path/sessions
#=================================================
# SETUP FAIL2BAN
#=================================================
ynh_script_progression --message="Configuring Fail2Ban..." --weight=10
ynh_add_fail2ban_config --logpath="/var/log/nginx/$domain-error.log" --failregex="^.*authentication failure\" while reading response header from upstream, client: <HOST>,.*$" --max_retry=5
#=================================================
# SETUP CRON
#=================================================
ynh_script_progression --message="Setuping a cron..."
cp ../conf/cron_kanboard /etc/cron.d/$app
ynh_replace_string --match_string="__FINALPATH__" --replace_string="$final_path/" --target_file="/etc/cron.d/$app"
ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="/etc/cron.d/$app"
ynh_replace_string --match_string="__PHPVERSION__" --replace_string="$phpversion" --target_file="/etc/cron.d/$app"
chmod 644 "/etc/cron.d/$app"
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Configuring SSOwat..." --weight=2
# Make app public or private
if [ $is_public -eq 1 ]
then
ynh_app_setting_set --app=$app --key=unprotected_uris --value="/"
ynh_replace_string --match_string="define('LDAP_AUTH'.*$" --replace_string="define('LDAP_AUTH', true);" --target_file="$config_php"
ynh_replace_string --match_string="define('HIDE_LOGIN_FORM'.*$" --replace_string="define('HIDE_LOGIN_FORM', false);" --target_file="$config_php"
ynh_replace_string --match_string="define('REMEMBER_ME_AUTH'.*$" --replace_string="define('REMEMBER_ME_AUTH', true);" --target_file="$config_php"
ynh_replace_string --match_string="define('DISABLE_LOGOUT'.*$" --replace_string="define('DISABLE_LOGOUT', false);" --target_file="$config_php"
else
ynh_app_setting_set --app=$app --key=unprotected_uris --value="/jsonrpc.php"
fi
# Calculate and store the config file checksum into the app settings
ynh_store_file_checksum --file="$config_php"
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..."
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Installation of Kanboard completed" --last
Reference in a new issue View git blame Copy permalink